Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/UlisesGascon/check-my-headers
Fast and simple way to check any HTTP Headers
https://github.com/UlisesGascon/check-my-headers
Last synced: about 2 months ago
JSON representation
Fast and simple way to check any HTTP Headers
- Host: GitHub
- URL: https://github.com/UlisesGascon/check-my-headers
- Owner: UlisesGascon
- License: mit
- Created: 2020-02-10T21:45:22.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2023-06-25T11:02:12.000Z (over 1 year ago)
- Last Synced: 2024-05-13T22:22:03.424Z (8 months ago)
- Language: JavaScript
- Size: 895 KB
- Stars: 42
- Watchers: 3
- Forks: 5
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
- awesome-nodejs-security - check-my-headers - Fast and simple way to check any HTTP Headers. (Vulnerabilities and Security Advisories)
README
check-my-headers
Fast and simple way to check any HTTP Headers
Thanks Liran Tal and the amazing Snyk team for your support ๐
# About
Fast and simple way to check any HTTP Headers
# Usage
## Command line
Using Node.js's `npx` to run a one-off scan of a website:
```bash
npx check-my-headers https://example.com
```
The CLI will gracefully handle cases where the URL to scan is missing or wrong:
```bash
$ npx check-my-headers
๐ Welcome to [email protected]
๐ฌ Missing argument URL!
๐ Example: check-my-headers https://github.com/ulisesgascon/check-my-headers
```
## Module
Using `check-my-headers` in your project.
```js
const checkMyHeaders = require('check-my-headers')
checkMyHeaders("http://example.com")
.then(({ messages, headers, status }) => {
console.log(`Status code: ${status}`)
console.log(`Messages:`)
console.log(messages)
console.log("Current headers:")
console.log(headers)
})
```
Output:
```
Status code: 200
Messages:
[
{ msg: 'Remove field: server', type: 'error' },
{ msg: 'Missing field: content-security-policy', type: 'error' },
{ msg: 'Missing field: referrer-policy', type: 'error' },
{ msg: 'Missing field: strict-transport-security', type: 'error' },
{ msg: 'Missing field: x-xss-protection', type: 'error' },
{ msg: 'Missing field: x-content-type-options', type: 'error' },
{ msg: 'Missing field: access-control-allow-origin', type: 'warn' },
{ msg: 'Missing field: access-control-allow-methods', type: 'warn' },
{ msg: 'Missing field: access-control-allow-headers', type: 'warn' },
{ msg: 'Missing field: link', type: 'warn' },
{ msg: 'Deprecated field: expires', type: 'warn' },
{ msg: 'Extra field: etag', type: 'info' },
{ msg: 'Extra field: last-modified', type: 'info' },
{ msg: 'Extra field: vary', type: 'info' },
{ msg: 'Extra field: x-cache', type: 'info' },
{ msg: 'Extra field: connection', type: 'info' }
]
Current headers:
{
age: '534610',
'cache-control': 'max-age=604800',
'content-type': 'text/html; charset=UTF-8',
date: 'Wed, 12 Feb 2020 19:37:45 GMT',
etag: '"3147526947+ident"',
expires: 'Wed, 19 Feb 2020 19:37:45 GMT',
'last-modified': 'Thu, 17 Oct 2019 07:18:26 GMT',
server: 'ECS (nyb/1D2A)',
vary: 'Accept-Encoding',
'x-cache': 'HIT',
'content-length': '1256',
connection: 'close'
}
```
## Docker
Use Docker Hub:
```bash
# Pull the image from Docker Hub:
docker pull ulisesgascon/check-my-headers:latest
# Run container:
docker run --rm -e SCAN_URL="https://www.github.com/" ulisesgascon/check-my-headers:latest
```
`SCAN_URL` is an environment variable and its value must be replaced with the desired URL during Docker run. Docker container will exit once the scan has been completed.
To build and run the container locally:
```bash
# Clone Repo:
git clone https://github.com/ulisesgascon/check-my-headers.git
# Change to repo's cloned directory:
cd check-my-headers
# Build Image locally:
docker build --no-cache -t ulisesgascon/check-my-headers:latest .
# Run container:
docker run --rm -e SCAN_URL="https://www.github.com/" ulisesgascon/check-my-headers:latest
```
# Install
You can install globally via:
```bash
npm install -g check-my-headers
```
# Test
You can run them:
```bash
npm run test:coverage
```
# Contributing
Please consult [CONTRIBUTING](./CONTRIBUTING.md) for guidelines on contributing to this project.
# Author
**check-my-headers** ยฉ [Ulises Gascรณn](https://github.com/ulisesgascon), Released under the [MIT](./LICENSE) License.